{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,19]],"date-time":"2026-03-19T02:50:41Z","timestamp":1773888641139,"version":"3.50.1"},"publisher-location":"New York, NY, USA","reference-count":2,"publisher":"ACM","license":[{"start":{"date-parts":[[2022,11,8]],"date-time":"2022-11-08T00:00:00Z","timestamp":1667865600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"name":"AssureMOSS","award":["952647"],"award-info":[{"award-number":["952647"]}]},{"name":"SPARTA","award":["830892"],"award-info":[{"award-number":["830892"]}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2022,11,11]]},"DOI":"10.1145\/3560835.3564546","type":"proceedings-article","created":{"date-parts":[[2022,11,9]],"date-time":"2022-11-09T02:38:26Z","timestamp":1667961506000},"page":"35-36","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":14,"title":["Risk Explorer for Software Supply Chains"],"prefix":"10.1145","author":[{"given":"Piergiorgio","family":"Ladisa","sequence":"first","affiliation":[{"name":"SAP Security Research & University of Rennes 1\/INRIA\/IRISA, Mougins, France"}]},{"given":"Henrik","family":"Plate","sequence":"additional","affiliation":[{"name":"SAP Security Research, Mougins, France"}]},{"given":"Matias","family":"Martinez","sequence":"additional","affiliation":[{"name":"Universit\u00e9 Polytechnique Hauts-de-France, Valenciennes, France"}]},{"given":"Olivier","family":"Barais","sequence":"additional","affiliation":[{"name":"University of Rennes 1\/INRIA\/IRISA, Rennes, France"}]},{"given":"Serena Elisa","family":"Ponta","sequence":"additional","affiliation":[{"name":"SAP Security Research, Mougins, France"}]}],"member":"320","published-online":{"date-parts":[[2022,11,8]]},"reference":[{"key":"e_1_3_2_2_1_1","doi-asserted-by":"publisher","DOI":"10.1109\/iV.2015.34"},{"key":"e_1_3_2_2_2_1","volume-title":"SoK: Taxonomy of Attacks on Open-Source Software Supply Chains. IEEE Symposium on Security and Privacy (SP) ( forthcoming","author":"Ladisa Piergiorgio","year":"2023","unstructured":"Piergiorgio Ladisa, Henrik Plate, Matias Martinez, and Olivier Barais. forthcoming 2023. SoK: Taxonomy of Attacks on Open-Source Software Supply Chains. IEEE Symposium on Security and Privacy (SP) ( forthcoming 2023). io"}],"event":{"name":"CCS '22: 2022 ACM SIGSAC Conference on Computer and Communications Security","location":"Los Angeles CA USA","acronym":"CCS '22","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"]},"container-title":["Proceedings of the 2022 ACM Workshop on Software Supply Chain Offensive Research and Ecosystem Defenses"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3560835.3564546","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3560835.3564546","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T17:49:09Z","timestamp":1750182549000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3560835.3564546"}},"subtitle":["Understanding the Attack Surface of Open-Source based Software Development"],"short-title":[],"issued":{"date-parts":[[2022,11,8]]},"references-count":2,"alternative-id":["10.1145\/3560835.3564546","10.1145\/3560835"],"URL":"https:\/\/doi.org\/10.1145\/3560835.3564546","relation":{},"subject":[],"published":{"date-parts":[[2022,11,8]]},"assertion":[{"value":"2022-11-08","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}